Sure - telling me whether you have an api.<domain>.com doesn't matter. Anyone can scan and find that. But, if I know your database names (from a screenshot) and your hosting provider, I know that once I'm past a bastion host, or on your VPN connection - I don't have to wait to sniff or hope you connect to datasources. I now have an informed opinion on where to go.

Not a really good idea all by its own.

Absolutely, but a great idea when combined with other defensive tactics. Obscurity is why armies use camouflage.